Skip to content

Network Settings

Network connections used by Remote Services

To use the "Remote Services" application, access to Insights Hub is required to log into the tenant and to access supporting applications like "Settings", "Asset Management" and "MindConnect Agent" UIs.

In order to connect a Service Network with a Factory Network, Remote Services establishes two encrypted tunnels:

  • A tunnel between the Service Network and the Insights Hub Backend. This tunnel is established by the Service Endpoint.
  • A tunnel between the Factory Network and the Insights Hub Backend. This tunnel is established by the Device Endpoint.

RS uses the WebSocket Secure (WSS) protocol for these tunnels.

Configuration Guidelines for Firewalls

In case a firewall is used, the following configurations are needed to enable access to and from the network locations that are used for Remote Services.

For Outbound traffic:

  • Destination Server Port: 443

  • URLs to be white listed for Remote Services:

    • https://connectivity.eu1.vpnrts.mindsphere.io/uaa/oauth/token
    • https://s3restriction.eu1.vpnrts.mindsphere.io:443
    • https://wss.eu1.vpnrts.mindsphere.io:443/mts/
    • https://wss.eu1.vpnrts.mindsphere.io:443/ccf/
  • Access to Insights Hub domain must be whitelisted:

    • *.eu1.mindsphere.io
  • Protocol WebSocket Secure (WSS)

For Inbound Traffic:

  • Protocol WebSocket Secure (WSS)

Configuration Guidelines for Network Proxies

In case a proxy is used, the following configurations are needed to enable access to and from the network locations that are used for Remote Services:

For Outbound traffic:

  • Destination Server Port: 443

  • URLs to be whitelisted:

    • https://connectivity.eu1.vpnrts.mindsphere.io/uaa/oauth/token
    • https://s3restriction.eu1.vpnrts.mindsphere.io:443
    • https://wss.eu1.vpnrts.mindsphere.io:443/mts/
    • https://wss.eu1.vpnrts.mindsphere.io:443/ccf/
  • Access to Insights Hub domain must be whitelisted:

    • *.eu1.mindsphere.io
  • Protocol WebSocket Secure (WSS)

Proxy timeout settings

The value of the proxy timeout setting determines the maximum duration a WSS session will remain active. Hence, this value must be greater or equal than the desired session time out that is configured in the Connector setup for a specific connection.


Last update: March 18, 2024